Difference between revisions of "SRX notes"
From cpwiki.net
| Line 1: | Line 1: | ||
junos SRX notes | junos SRX notes | ||
| + | |||
| + | show interface IPs | ||
| + | > show interfaces terse | match inet | ||
show rule / policy | show rule / policy | ||
Latest revision as of 14:28, 20 June 2024
junos SRX notes
show interface IPs
> show interfaces terse | match inet
show rule / policy
# show security policies from-zone trust to-zone untrust policy <policy_name>
search address book for pre-defined objects
# show security zones security-zone untrust address-book | match "192.168.1.1"
monitoring traffic example
monitor traffic matching "host 10.0.0.1" no-resolve interface reth0
show cluster status
root@SRXfw> show chassis cluster status
Cluster ID: 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 0
node0 200 primary no no
node1 100 secondary no no
Redundancy group: 1 , Failover count: 3
node0 200 secondary no no
node1 100 primary no no
add proxy arp
set security nat proxy-arp interface reth0 address 192.168.1.1
start unix shell
> start shell user root
example new rule (in progress)
match > permit > insert
VM download
https://webdownload.juniper.net/swdl/dl/secure/site/1/record/117212.html?pf=vSRX%20EVAL
